package com.guanghua.brick.security;

import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.guanghua.brick.util.IConfig;
import com.guanghua.brick.util.XmlReader;

/**
 * 获取security相关实现的工具类
 * @author Administrator
 *
 */
public class SecurityUtil {
	
	private static Log logger = LogFactory.getLog(SecurityUtil.class);
	
	private static String APP_PERMISSION_CLASS = "com.guanghua.brick.security.DefaultPermission";
	private static String WEB_PERMISSION_CLASS_KEY = "globe.permission.key";
	private static String WEB_PERMISSION_AVAIL_KEY = "globe.permission.avail";
	private static boolean APP_PERMISSION_AVAIL = false;
	static {		
		try {
			//读取配置
			XmlReader reader = new XmlReader("brick.app.xml");

			//sql数据库连接配置
			IConfig[] c = reader.readByTagName("app-permission");
			if (c != null && c.length != 0 && c[0] != null) {
				APP_PERMISSION_AVAIL = "true".equals(c[0].getAttribute("avail"));
				APP_PERMISSION_CLASS = c[0].getText();
			}
		} catch (Exception e) {
			logger.error("parse xml brick.app.xml error", e);
		}
	}
	
	
	//获取是否登陆
	public static boolean isLogin(HttpServletRequest request) {
		return (request.getSession().getAttribute(IAuthenticated.AUTHENTICATED_KEY) != null);
	}
	
	//获取登陆的ia对象
	public static IAuthenticated getLogin(HttpServletRequest request) {
		if (isLogin(request)) {
			return (IAuthenticated)request.getSession().getAttribute(IAuthenticated.AUTHENTICATED_KEY);
		} else {
			return null;
		}
	}
	
	/**
	 * 获取和app有关的permission实现类
	 * @return
	 */
	public static IPermission getPermission() {
		try {
			return (IPermission) Class.forName(APP_PERMISSION_CLASS).newInstance();
		} catch (Exception e) {
			logger.error("create app permission error", e);
			return new DefaultPermission();
		}
	}
	
	/**
	 * 获取和web app 相关的permission实现类
	 * @param request
	 * @return
	 */
	public static IPermission getPermission(HttpServletRequest request) {
		String cls = (String)request.getSession().getServletContext().getAttribute(WEB_PERMISSION_CLASS_KEY);
		if (cls == null) {
			try {
				//读取配置
				XmlReader reader = new XmlReader(request.getSession().getServletContext().getRealPath("/WEB-INF/brick.web.xml"), true);
				IConfig[] c = reader.readByTagName("web-app-permission");
				if (c != null && c.length != 0 && c[0] != null)
					cls = c[0].getText();
				else 
					cls = APP_PERMISSION_CLASS;

			} catch (Exception e) {
				logger.error("parse xml /web-inf/brick.web.xml to find web permission error", e);
				cls = APP_PERMISSION_CLASS;
			}
			
			request.getSession().getServletContext().setAttribute(WEB_PERMISSION_CLASS_KEY, cls);
		}
		
		try {
			return (IPermission) Class.forName(cls).newInstance();
		} catch (Exception e) {
			logger.error("create web permission error", e);
			return new DefaultPermission();
		}
	}
	
	/**
	 * 获取和web app 相关的permission实现类是否有效标志
	 * @param request
	 * @return
	 */
	private static boolean getWebAppPermissionAvail(HttpServletRequest request) {
		Boolean avail = (Boolean)request.getSession().getServletContext().getAttribute(WEB_PERMISSION_AVAIL_KEY);
		if (avail == null) {
			try {
				//读取配置
				XmlReader reader = new XmlReader(request.getSession().getServletContext().getRealPath("/WEB-INF/brick.web.xml"), true);
				IConfig[] c = reader.readByTagName("web-app-permission");
				if (c != null && c.length != 0 && c[0] != null)
					avail = new Boolean("true".equals(c[0].getAttribute("avail")));
				else 
					avail = new Boolean(false);

			} catch (Exception e) {
				logger.error("parse xml /web-inf/brick.web.xml to find web permission avail error", e);
				avail = new Boolean(false);
			}
			
			request.getSession().getServletContext().setAttribute(WEB_PERMISSION_AVAIL_KEY, avail);
		}
		return avail.booleanValue();
	}
	
	/**
	 * 和permission接口相关的一系列方法
	 */
	public static boolean functionPermissionValid(String function, HttpServletRequest request) {
		if (!getWebAppPermissionAvail(request)) return true;
		else return getPermission(request).functionPermissionValid(function, request);
	}
	public static boolean functionPermissionValid(String function, IAuthenticated user){
		if (!APP_PERMISSION_AVAIL) return true;
		else return getPermission().functionPermissionValid(function, user);
	}
	public static String contentPermissionFilter(String function, HttpServletRequest request, String propertyName){
		if (!getWebAppPermissionAvail(request)) return "";
		else return getPermission(request).contentPermissionFilter(function, request, propertyName);
	}
	public static String contentPermissionFilter(String function, IAuthenticated user, String propertyName){
		if (!APP_PERMISSION_AVAIL) return "";
		else return getPermission().contentPermissionFilter(function, user, propertyName);
	}
	public static List contentPermissionFilter(String function, HttpServletRequest request){
		if (!getWebAppPermissionAvail(request)) return null;
		else return getPermission(request).contentPermissionFilter(function, request);
	}
	public static List contentPermissionFilter(String function, IAuthenticated user){
		if (!APP_PERMISSION_AVAIL) return null;
		else return getPermission().contentPermissionFilter(function, user);
	}
	public static String getFunctionName(String functionId, HttpServletRequest request) {
		return getPermission(request).getFunctionName(functionId);
	}
	public static String getFunctionName(String functionId) {
		return getPermission().getFunctionName(functionId);
	}
}
